Running latest Rawhide, targeted.
Running in enforcing mode, audio-entropyd fails to start.
Flipping to permissive mode and restarting, I get these:
type=AVC msg=audit(1181506748.052:78): avc: denied { read write } for pid=8712 comm="audio-entropyd" name="random" dev=tmpfs ino=3167 scontext=system_u:system_r:entropyd_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file type=SYSCALL msg=audit(1181506748.052:78): arch=40000003 syscall=5 success=yes exit=4 a0=804a2b3 a1=2 a2=0 a3=bfbbdef0 items=0 ppid=1 pid=8712 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="audio-entropyd" exe="/usr/sbin/audio-entropyd" subj=system_u:system_r:entropyd_t:s0 key=(null) type=AVC msg=audit(1181506748.052:79): avc: denied { dac_override } for pid=8712 comm="audio-entropyd" capability=1 scontext=system_u:system_r:entropyd_t:s0 tcontext=system_u:system_r:entropyd_t:s0 tclass=capability type=SYSCALL msg=audit(1181506748.052:79): arch=40000003 syscall=5 success=yes exit=5 a0=804a268 a1=0 a2=45ef7fc0 a3=804a268 items=0 ppid=1 pid=8712 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="audio-entropyd" exe="/usr/sbin/audio-entropyd" subj=system_u:system_r:entropyd_t:s0 key=(null)
Looks like it wants read/write access to /dev/random plus dac_override.
tom
On 6/10/07, Tom London selinux@gmail.com wrote:
Running latest Rawhide, targeted.
Running in enforcing mode, audio-entropyd fails to start.
Flipping to permissive mode and restarting, I get these:
type=AVC msg=audit(1181506748.052:78): avc: denied { read write } for pid=8712 comm="audio-entropyd" name="random" dev=tmpfs ino=3167 scontext=system_u:system_r:entropyd_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file type=SYSCALL msg=audit(1181506748.052:78): arch=40000003 syscall=5 success=yes exit=4 a0=804a2b3 a1=2 a2=0 a3=bfbbdef0 items=0 ppid=1 pid=8712 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="audio-entropyd" exe="/usr/sbin/audio-entropyd" subj=system_u:system_r:entropyd_t:s0 key=(null) type=AVC msg=audit(1181506748.052:79): avc: denied { dac_override } for pid=8712 comm="audio-entropyd" capability=1 scontext=system_u:system_r:entropyd_t:s0 tcontext=system_u:system_r:entropyd_t:s0 tclass=capability type=SYSCALL msg=audit(1181506748.052:79): arch=40000003 syscall=5 success=yes exit=5 a0=804a268 a1=0 a2=45ef7fc0 a3=804a268 items=0 ppid=1 pid=8712 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="audio-entropyd" exe="/usr/sbin/audio-entropyd" subj=system_u:system_r:entropyd_t:s0 key=(null)
Looks like it wants read/write access to /dev/random plus dac_override.
Seemed to have missed this one:
type=AVC msg=audit(1181576467.185:18): avc: denied { ioctl } for pid=3214 comm="audio-entropyd" name="random" dev=tmpfs ino=3258 scontext=system_u:system_r:entropyd_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file type=SYSCALL msg=audit(1181576467.185:18): arch=40000003 syscall=54 success=no exit=-13 a0=4 a1=80045200 a2=bfd346dc a3=bfd30630 items=0 ppid=1 pid=3214 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="audio-entropyd" exe="/usr/sbin/audio-entropyd" subj=system_u:system_r:entropyd_t:s0 key=(null) type=AVC_PATH msg=audit(1181576467.185:18): path="/dev/random"
tom
On Mon, 2007-06-11 at 12:07 -0700, Tom London wrote:
On 6/10/07, Tom London selinux@gmail.com wrote:
Running latest Rawhide, targeted.
Running in enforcing mode, audio-entropyd fails to start.
Flipping to permissive mode and restarting, I get these:
(audit messages snipped)
I tried to make a module for audio-entropyd to fix this, but it doesn't seem to do the job. Can anyone advise me on what I'm doing wrong?
Here are my three files:
http://people.redhat.com/tcallawa/selinux/
Thanks in advance,
~spot
On Mon, 2007-06-11 at 16:16 -0500, Tom "spot" Callaway wrote:
On Mon, 2007-06-11 at 12:07 -0700, Tom London wrote:
On 6/10/07, Tom London selinux@gmail.com wrote:
Running latest Rawhide, targeted.
Running in enforcing mode, audio-entropyd fails to start.
Flipping to permissive mode and restarting, I get these:
(audit messages snipped)
I tried to make a module for audio-entropyd to fix this, but it doesn't seem to do the job. Can anyone advise me on what I'm doing wrong?
Here are my three files:
http://people.redhat.com/tcallawa/selinux/
Thanks in advance,
Can you clarify what you mean by "doesn't seem to do the job"? You still get avc denials? Which ones?
Some avc denials may be caused by components other than the TE rules, audit2why tries to diagnose them (but is pretty klunky at present).
On Tue, 2007-06-12 at 07:32 -0400, Stephen Smalley wrote:
On Mon, 2007-06-11 at 16:16 -0500, Tom "spot" Callaway wrote:
On Mon, 2007-06-11 at 12:07 -0700, Tom London wrote:
On 6/10/07, Tom London selinux@gmail.com wrote:
Running latest Rawhide, targeted.
Running in enforcing mode, audio-entropyd fails to start.
Flipping to permissive mode and restarting, I get these:
(audit messages snipped)
I tried to make a module for audio-entropyd to fix this, but it doesn't seem to do the job. Can anyone advise me on what I'm doing wrong?
Here are my three files:
http://people.redhat.com/tcallawa/selinux/
Thanks in advance,
Can you clarify what you mean by "doesn't seem to do the job"? You still get avc denials? Which ones?
I'm still getting similar avc denials:
Raw Audit Messages :avc: denied { read, write } for comm="audio-entropyd" dev=tmpfs egid=0 euid=0 exe="/usr/sbin/audio-entropyd" exit=4 fsgid=0 fsuid=0 gid=0 items=0 name="random" pid=3939 scontext=user_u:system_r:entropyd_t:s0 sgid=0 subj=user_u:system_r:entropyd_t:s0 suid=0 tclass=chr_file tcontext=system_u:object_r:random_device_t:s0 tty=(none) uid=0
Raw Audit Messages :avc: denied { dac_override } for comm="audio-entropyd" egid=0 euid=0 exe="/usr/sbin/audio-entropyd" exit=5 fsgid=0 fsuid=0 gid=0 items=0 pid=3939 scontext=user_u:system_r:entropyd_t:s0 sgid=0 subj=user_u:system_r:entropyd_t:s0 suid=0 tclass=capability tcontext=user_u:system_r:entropyd_t:s0 tty=(none) uid=0
~spot
Tom "spot" Callaway wrote:
On Tue, 2007-06-12 at 07:32 -0400, Stephen Smalley wrote:
On Mon, 2007-06-11 at 16:16 -0500, Tom "spot" Callaway wrote:
On Mon, 2007-06-11 at 12:07 -0700, Tom London wrote:
On 6/10/07, Tom London selinux@gmail.com wrote:
Running latest Rawhide, targeted.
Running in enforcing mode, audio-entropyd fails to start.
Flipping to permissive mode and restarting, I get these:
(audit messages snipped)
I tried to make a module for audio-entropyd to fix this, but it doesn't seem to do the job. Can anyone advise me on what I'm doing wrong?
Here are my three files:
http://people.redhat.com/tcallawa/selinux/
Thanks in advance,
Can you clarify what you mean by "doesn't seem to do the job"? You still get avc denials? Which ones?
I'm still getting similar avc denials:
Raw Audit Messages :avc: denied { read, write } for comm="audio-entropyd" dev=tmpfs egid=0 euid=0 exe="/usr/sbin/audio-entropyd" exit=4 fsgid=0 fsuid=0 gid=0 items=0 name="random" pid=3939 scontext=user_u:system_r:entropyd_t:s0 sgid=0 subj=user_u:system_r:entropyd_t:s0 suid=0 tclass=chr_file tcontext=system_u:object_r:random_device_t:s0 tty=(none) uid=0
Raw Audit Messages :avc: denied { dac_override } for comm="audio-entropyd" egid=0 euid=0 exe="/usr/sbin/audio-entropyd" exit=5 fsgid=0 fsuid=0 gid=0 items=0 pid=3939 scontext=user_u:system_r:entropyd_t:s0 sgid=0 subj=user_u:system_r:entropyd_t:s0 suid=0 tclass=capability tcontext=user_u:system_r:entropyd_t:s0 tty=(none) uid=0
~spot
Are you sure you installed you pp file?
semodule -l
Will list the installed modules.
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list
selinux@lists.fedoraproject.org
-
Daniel J Walsh -
Stephen Smalley -
Tom Callaway -
Tom London